Thursday, February 20, 2014

Easy Access to an Account

Username: username
Password: password

The username and password of a login are supposed to be unique. When a password is on a list of the 25 most common passwords of 2013, it is time to switch. In a book called The Cuckoo's Egg, Cliff showed that the main reason computers and data are compromised is that a username and password were easy to guess. His solution to these attacks was simply to create unique passwords, and specifically passwords that are not found in a common dictionary. Looking at the list shows that we are still not creating unique passwords after twenty years of the internet. At least many, like "trustno1," are not in the dictionary.
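The check described above (nothing from a common-password list, nothing found in a dictionary), sketched as an added example that is not part of the original post: a screen run when a password is set. The two word lists are tiny constructed stand-ins for real ones, and the normalization of case, character swaps and surrounding digits goes beyond what the post describes.

```python
import re

# Constructed sample data (assumption): tiny stand-ins for a real
# common-password list and a real dictionary word list.
COMMON_PASSWORDS = {"password", "123456", "qwerty", "trustno1", "letmein"}
DICTIONARY_WORDS = {"password", "username", "cuckoo", "egg", "monkey", "dragon"}

# Undo the usual character swaps so "p@ssw0rd" is compared as "password".
LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a",
                      "5": "s", "7": "t", "@": "a", "$": "s", "!": "i"})


def candidate_forms(text):
    """Return the normalized lowercase variants to compare against the lists."""
    lowered = text.lower()
    forms = {lowered, lowered.translate(LEET)}
    # Strip leading/trailing digits and punctuation: "Dragon2014!" -> "dragon".
    for form in list(forms):
        forms.add(re.sub(r"^[^a-z]+|[^a-z]+$", "", form))
    forms.discard("")
    return forms


def screen_password(username, password):
    """Return the reasons a password is easy to guess (empty list if none)."""
    reasons = []
    forms = candidate_forms(password)
    if forms & candidate_forms(username):
        reasons.append("matches username")
    if forms & COMMON_PASSWORDS:
        reasons.append("on common-password list")
    if forms & DICTIONARY_WORDS:
        reasons.append("dictionary word")
    return reasons


if __name__ == "__main__":
    for user, pw in [("username", "password"), ("alice", "trustno1"),
                     ("alice", "P@ssw0rd"), ("alice", "vT9#qLm2xRw8")]:
        print(user, pw, screen_password(user, pw) or "accepted")
```

Note that "trustno1" is rejected only because of the common-password list, which is why a dictionary check alone is not enough.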

I would often think about work while reading the book, as we have a simple username and password to guess in order to access a public computer account. Gigabytes of sensitive information on thousands of people would be accessible if someone were to access it. Luckily, the most important data is behind another username and password. Still, as shown in the book, simple programs can find the email addresses of important individuals, then read their email until the information needed to access the critical data is found. This form of attack is not some crazy person doing it for one night; it is done over a long period of time.
